Western government agents behind this hacking campaign



Photo: Damien Meyer / AFP (Getty Images)

A sophisticated hacking campaign that previously targeted security holes in Android, Windows and iOS devices is in fact the work of “members of the Western government” leading a “counterterrorism operation,” according to a new report from MIT Technology Review.

The campaign in question, which has attracted more and more media attention in recent weeks, was first written about in January by Google’s Project Zero threat research team. At the time, all that was publicly known was that somebody was up to something very delicate: a “highly sophisticated” group, probably composed of “teams of experts”, was responsible for targeting numerous zero-day vulnerabilities (the grand total would later become 11) in various major operating systems, the researchers wrote.

This hacking campaign, which lasted about nine months, used the so-called “watering hole” method, in which a threat actor injects malicious code into a website to effectively “trap” it (site visitors are subsequently infected with malware, allowing the hacker to single out specific targets and escalate the compromise).

Given all of these descriptors, there were naturally signs pointing to the involvement of some sort of high-level nation-state hackers, although few would have guessed that the culprits were, in fact, our friends! Nonetheless, this appears to be the case. It is not known which government is really responsible for the attacks, who its targets were, or what the so-called “counter-terrorism” operation linked to all of this involved. MIT has not disclosed how it obtained this information.

One thing is certain: Google’s discovery and subsequent public disclosure of the exploits (along with the company’s decision to patch the vulnerabilities) apparently derailed any ongoing government operations. MIT writes that by going public, the tech company effectively ended a ‘live counterterrorism’ cyber mission, adding that it “is not clear whether Google informed representatives of government in advance that they would release and stop” the attacks. This apparently “caused an internal division within Google and raised questions within the intelligence communities of the United States and its allies.”

There are a lot of questions here, obviously. First of all, which government was doing this? What was the “terrorist” threat they were investigating? What websites were used in the pursuit of these terrorists? Given the politically sensitive nature of these kinds of operations, it is unlikely that we will get answers to these questions, at least not right away. But since there is so little information available, it is also quite difficult to understand whether Project Zero was justified in exposing the operation or not, or what was even going on here.

Google apparently knows who the hackers are, and MIT reports that the incident sparked a debate within the company about whether counterterrorism operations like this should be considered ‘off limits’ for public disclosure, or whether it is up to them to disclose vulnerabilities to “protect users and make the Internet more secure.”
